<style include="settings-shared">
  :host([is-user-configurable_])
      .peripheral-data-access-protection {
    --cr-disabled-opacity: 1;
    cursor: pointer;
    opacity: 1;
  }

  #dataAccessProtectionWrapper:focus {
    outline: none;
  }

  .peripheral-data-access-protection {
    /* Remove the unecessary spacing infront of the learn-more link. */
    --cr-subsequent-anchors-of-span-margin: 0px;
  }
</style>
<settings-animated-pages id="pages" section="osPrivacy"
    focus-config="[[focusConfig_]]">

  <div route-path="default">
    <template is="dom-if" if="[[!isGuestMode_]]" restamp>
      <cr-link-row id="lockScreenSubpageTrigger"
          on-click="onConfigureLockTap_"
          label="[[selectLockScreenTitleString_(hasPinLogin)]]"
          sub-label="[[getPasswordState_(hasPin,
              prefs.settings.enable_screen_lock.value)]]"
          role-description="$i18n{subpageArrowRoleDescription}">
      </cr-link-row>
      <cr-link-row id="manageOtherPeopleSubpageTrigger" class="hr"
          label="$i18n{manageOtherPeople}"
          on-click="onManageOtherPeople_"
          role-description="$i18n{subpageArrowRoleDescription}">
      </cr-link-row>
      <div class="hr"></div>
      <template is="dom-if" if="[[isSmartPrivacyEnabled_]]" restamp>
        <cr-link-row id="smartPrivacySubpageTrigger"
            on-click="onSmartPrivacy_"
            label="$i18n{smartPrivacyTitle}"
            sub-label="$i18n{smartPrivacySubtext}"
            role-description="$i18n{subpageArrowRoleDescription}">
        </cr-link-row>
        <div class="hr"></div>
      </template>
    </template>

<if expr="_google_chrome">
    <settings-toggle-button
        id="enable-logging"
        pref="[[metricsConsentPref_]]"
        label="$i18n{enableLogging}"
        sub-label="$i18n{enableLoggingDesc}"
        deep-link-focus-id$="[[Setting.kUsageStatsAndCrashReports]]"
        disabled$="[[!isMetricsConsentConfigurable_]]"
        on-settings-boolean-control-change="onMetricsConsentChange_"
        no-set-pref>
    </settings-toggle-button>
    <div class="hr"></div>
    <template is="dom-if" if="[[isRevenBranding_]]">
      <settings-toggle-button
          id="enable-hw-data-usage"
          pref="{{prefs.cros.reven.enable_hw_data_usage}}"
          label="[[i18n('enableHWDataUsage')]]"
          sub-label="[[i18n('enableHWDataUsageDesc')]]">
        </settings-toggle-button>
      <div class="hr"></div>
    </template>
</if>
    <settings-toggle-button
        id="suggested-content"
        pref="{{prefs.settings.suggested_content_enabled}}"
        label="$i18n{enableSuggestedContent}"
        sub-label="$i18n{enableSuggestedContentDesc}"
        learn-more-url="$i18n{suggestedContentLearnMoreURL}">
    </settings-toggle-button>
    <div class="hr"></div>
    <settings-toggle-button
        id="enableVerifiedAccess"
        pref="{{
          prefs.cros.device.attestation_for_content_protection_enabled}}"
        label="$i18n{enableContentProtectionAttestation}"
        deep-link-focus-id$="[[Setting.kVerifiedAccess]]">
    </settings-toggle-button>
    <template is="dom-if" if="[[isThunderboltSupported_]]">
      <template is="dom-if" if="[[isPciguardUiEnabled_]]">
        <div class="hr"></div>
        <!-- This toggle is always disabled. The underlying pref state is
             handled by the JS impl. This is to prevent toggling the pref
             before the user confirms the action. -->
        <div id="dataAccessProtectionWrapper"
            tabindex="0"
            on-focus="onDataAccessToggleFocus_"
            on-keypress="onDataAccessToggleKeyPress_">
          <settings-toggle-button
              id="crosSettingDataAccessToggle"
              class="peripheral-data-access-protection"
              pref="{{prefs.cros.device.peripheral_data_access_enabled}}"
              label="$i18n{peripheralDataAccessProtectionToggleTitle}"
              sub-label=
                  "$i18n{peripheralDataAccessProtectionToggleDescription}"
              deep-link-focus-id$=
                  "[[Setting.kPeripheralDataAccessProtection]]"
              on-click="onPeripheralProtectionClick_"
              learn-more-url="$i18n{peripheralDataAccessLearnMoreURL}"
              hidden$="[[isLocalStateDataAccessPref_(
                  dataAccessProtectionPrefName_)]]"
              disabled
              inverted>
          </settings-toggle-button>
          <settings-toggle-button
              id="localStateDataAccessToggle"
              class="peripheral-data-access-protection"
              pref="{{prefs.settings.local_state_device_pci_data_access_enabled}}"
              label="$i18n{peripheralDataAccessProtectionToggleTitle}"
              sub-label=
                  "$i18n{peripheralDataAccessProtectionToggleDescription}"
              deep-link-focus-id$=
                  "[[Setting.kPeripheralDataAccessProtection]]"
              on-click="onPeripheralProtectionClick_"
              learn-more-url="$i18n{peripheralDataAccessLearnMoreURL}"
              hidden$="[[isCrosSettingDataAccessPref_(
                  dataAccessProtectionPrefName_)]]"
              disabled
              inverted>
          </settings-toggle-button>
        </div>
      </template>
    </template>
    <template is="dom-if" if="[[showSecureDnsSetting_]]">
      <div class="hr"></div>
      <settings-secure-dns prefs="{{prefs}}"></settings-secure-dns>
    </template>
  </div>

  <template is="dom-if" if="[[!isGuestMode_]]" restamp>
    <template is="dom-if" route-path="/osPrivacy/lockScreen">
      <settings-subpage page-title="[[selectLockScreenTitleString_(hasPinLogin)]]">
        <settings-lock-screen id="lockScreen" set-modes="[[setModes_]]"
            prefs="{{prefs}}" auth-token="[[authToken_]]"
            on-invalidate-auth-token-requested="onInvalidateTokenRequested_"
            on-password-requested="onPasswordRequested_">
        </settings-lock-screen>
      </settings-subpage>
    </template>
    <template is="dom-if" route-path="/osPrivacy/lockScreen/fingerprint">
      <settings-subpage page-title="$i18n{lockScreenFingerprintTitle}">
        <settings-fingerprint-list id="fingerprint-list"
            auth-token="[[authToken_.token]]"
            set-modes="[[setModes_]]"
            on-password-requested="onPasswordRequested_">
        </settings-fingerprint-list>
      </settings-subpage>
    </template>
    <template is="dom-if" route-path="/osPrivacy/accounts">
      <settings-subpage page-title="$i18n{manageOtherPeople}">
        <settings-users-page prefs="{{prefs}}">
        </settings-users-page>
      </settings-subpage>
    </template>
    <template is="dom-if" route-path="/osPrivacy/smartPrivacy">
      <settings-subpage page-title="$i18n{smartPrivacyTitle}">
        <settings-smart-privacy-page prefs="{{prefs}}">
        </settings-smart-privacy-page>
      </settings-subpage>
    </template>
  </template>

</settings-animated-pages>

<template is="dom-if" if="[[showPasswordPromptDialog_]]" restamp>
  <settings-lock-screen-password-prompt-dialog
      id="passwordDialog"
      on-close="onPasswordPromptDialogClose_"
      on-auth-token-obtained="onAuthTokenObtained_">
  </settings-lock-screen-password-prompt-dialog>
</template>

<template is="dom-if" if="[[showDisableProtectionDialog_]]" restamp>
  <settings-peripheral-data-access-protection-dialog id="protectionDialog"
      on-close="onDisableProtectionDialogClosed_" prefs="{{prefs}}"
      pref-name="[[dataAccessProtectionPrefName_]]">
  </settings-peripheral-data-access-protection-dialog>
</template>
